
Russia’s FSB Arrests REvil Ransomware Gang Members

Russian authorities said they have arrested members of the notorious REvil ransomware gang, in an unprecedented move said to have been undertaken at the request of the United States.

The gang is believed to have been responsible for some of the most damaging cyberattacks over the past 12 months, including those affecting Colonial Pipeline, JBS Foods and US technology firm Kaseya.

Police worked with the FSB security services to raid 25 addresses and arrest 14 individuals in Moscow, St. Petersburg, Leningrad and Lipetsk, the FSB said.

Authorities seized more than 426 million roubles (£4m), including cryptocurrency, about £860,000 in euros and US dollars, computer equipment and 20 luxury cars.

Homes raided

The REN TV channel broadcast footage of agents raiding homes and arresting people, pinning them to the floor, and seizing large piles of dollars and Russian roubles.

“The organised criminal gang has ceased to exist, and the information infrastructure used for criminal purposes was neutralised,” the FSB said in a statement.

The group members have been charged and could face up to seven years in prison. The FSB said US authorities had been informed of the developments. The US Embassy in Moscow did not immediately respond to a request for comment.

A source familiar with the case told Interfax the group’s members with Russian citizenship would not be handed over to the US.

The US said in November it would offer a reward of up to $10m for information leading to the identification or location of anyone with a key role in the REvil group.

Ransomware

The gang shut down its operations in July, then staged a failed comeback in September before its information infrastructure was hacked and forced offline by an international operation in October.

In November a 22-year-old Ukrainian national was arrested in Romania and charged with activities as part of the REvil gang.

Seven other alleged REvil members were also arrested last year through operations coordinated by Europol.

The surprise operation comes amidst spiralling tensions between Russia and the US over a Russian military buildup on its border with the Ukraine, as Russia seeks guarantees from the West, including that Nato will not expand further.

The raids were announced only hours after the Ukraine was hit by a major cyberattack that shut down government websites, although there was no indication the incidents were related.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDnet and other leading publications.
